I am trying to setup SSL for my heroku app. I am using the hostname based SSL add-on. The heroku documentation states the following:
Hostname based SSL will not work with root domains as it relies on CNAME
aliasing of your custom domain names. CNAME aliasing of root domains is
an RFC violation.
As expected everything works well when I access the site using the www subdomain, i.e. https://www.foo.com. The browser complains when I access https://foo.com as the certificate presented is for heroku.com.
I concluded that I have to redirect the traffic for foo.com to www.foo.com to address this issue. I am considering following approaches:
1) DNS based redirection
The DNS provider Zerigo supports the redirect records. I came across a question on a similar subject on SO. I tried the solution, it works ONLY for HTTP redirection(Zerigo documentation confirms this).
My Zerigo configuration:
foo.com A x.x.x.x
foo.com redirect http://www.foo.com
www.foo.com CNAME zzz.amazonaws.com
2) Rack based redirection
Add a rack based middle-ware to perform the redirection. The canonical-host gem provides such support.
use CanonicalHost do
case Rails.env.to_sym
when :staging then 'staging.foo.com'
when :production then 'www.foo.com'
end
end
I am wondering if there is a better solution for this(barring switching to $100 per month IP based SSL)